...First reported in 2014, Masque Attack allowed hackers to replace a genuine app from the App Store with a malformed, enterprise-signed app that had the same Bundle Identifier (Bundle...more…

Helper for Haima iOS App Store Adds More Malicious Behavior

...In an earlier blog post, we talked about the Haima app store on iOS. Here, we found that official apps were repacked and advertising modules added to generate revenue...more…

PUA Operation Spreads Thousands of Explicit Apps in the Wild and on Legitimate App Stores

...users to manually trust the enterprise certificate through Settings > General > Device Management before launching the app. However, once you trust these enterprise certificates, any apps installed later that...more…

Bypassing Android Permissions: What You Need to Know

...Android Permissions Work Before we get into the details, let’s see how Android permissions work. An Android app can access limited system resources. To access sensitive APIs, the app must...more…

Fake Bank App Ramps Up Defensive Measures

...banking app in Russia named Fanta SDK that is capable of changing the phone’s password when the user tries to remove or deactivate the application’s admin privileges. It also has...more…

Fake Bank App Phishes Credentials, Locks Users Out

...banking app in Russia named Fanta SDK that is capable of changing the phone’s password when the user tries to remove or deactivate the application’s admin privileges. It also has...more…

Fake Super Mario Run App Steals Credit Card Information

...app stores. As is the norm, it asks for various permissions: Figure 1. Fake app requesting permissions During the installation process, it also asks for itself to be activated as...more…

Ztorg: money for infecting your smartphone

...ads, they are redirected to the Google Play Store. In this case, the redirects look like this: api2.batmobil.net -> global.ymtracking.com->tracking.acekoala.com -> click.apprevolve.com ->track.iappzone.net ->app.adjust.com -> play.google.com After analyzing ad campaigns...more…

Good App/Bad App: Is Investigating Mobile Apps Necessary?

...These days, when you see someone staring intently or tapping at their mobile phones, chances are that they’re busy with an app. This comes as no surprise as 80%...more…

I know where your pet is

...displayed in the mobile app. The tracker does not interface “directly” with the smartphone. We could not detect any problems in the device itself, so we turned our focus to...more…

Trojanized Photo App on Google Play Signs Up Users for Premium Services

...Mobile apps usually have names that give some indication of their function. In one recent case, however, we found a misnamed app that turned out to be malicious. Every...more…

Vulnerability in In-App Payment SDKs May Lead to Phishing

...Vulnerabilities in apps are always a cause for concern, especially when said apps handle sensitive information, particularly financial. We examined two popular in-app payment (IAP) SDKs—Google Wallet and the...more…

About site

This is experimental project, which search automatically antivirus, security, malware, etc. news and alerts. If you want add/delete source or post, let us know. We will add/delete it. We'd like make place, where you can find security information from various sources with correct backlink back to source.